PATENT 

Attorney Docket No.: DYC-00700 



Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

1-10 (canceled) 

1 1 . (currently amended) A gateway support node operable to provide an interface between an 
external packet data communications network and a packet radio network, the packet radio 
network providing a plurality of packet data bearers for communicating the internet packets with 
nodes attached to the packet radio network, each of the packet data bearers being defined with 
respect to a source home address of nodes communicating the internet packets, the gateway 
support node being arranged to receive an internet packet comprising a header field, the header 
field including a field identifying a source address of the internet packet, a field identifying the a 
destination address of the internet packet and a next header field identifying whether an 
extension header follows the header and a type of the extension header, the header field 
identifying that the extension header includes a hop-by-hop extension header, the hop-by-hop 
extension header including a router alert option header indicating that the hop-by-hop extension 
header is optional for a router to read, and a value field indicating that the remainder of the hop- 
by-hop header is provided for the gateway support node, the remainder of the hop-by-hop 
extension header including a field providing a home address of a mobile node, the gateway 
support node being operable upon receipt of the internet packet, 

to detect that the next header field of the internet packet includes n the hop-by-hop 
extension header, and 

to detect the router alert option header in the hop-by-hop extension header, and the value 
field indicating that the remainder of the hop-by-hop extension header is provided for the 
gateway support node, and upon detecting the value field indicating that the remainder of the 
hop-by-hop extension header field is for the gateway support node, 

to recover information from a field provided in the remainder of the hop-by-hop 
extension header for use in controlling egress and/or ingress of internet packets to the packet 
radio network in accordance with the information, wherein 

the gateway support node is operable 

to controls ingress of internet packets from the external communications network to the 
packet data bearers of the packet radio network, by 
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detecting from the information field provided in the remainder of the hop-by-hop 
extension header a source home address of a mobile correspondent node communicating the 
internet packets, 

using the home address to identify the packet data bearer for communicating the internet 
packets to a correspondent node attached to the packet radio network, and 

allowing ingress of the internet packets to the identified packet data bearer. 

12. (currently amended) A gateway support node as claimed in Claim 1 1 , the gateway support 
node being operable 

to allowing ingress of the internet packets if either the address in the source address field 
of the internet packet or the address provided in the field in hop-by-hop extension header for the 
gateway support node corresponds to a packet data bearer. 

13. (currently amended) A gateway support node as claimed in Claim 1 1, the gateway support 
node b e ing op e rabl e 

to performing egress packet filtering in accordance with a destination address of the 
internet packets received from the plurality of packet data bearers, egress of the internet packets 
being allowed for internet packets having a legitimate destination address, and upon receipt of 
the internet packet, 

to detecting from the information data provided in the hop-by-hop extension header field 
for the gateway support node a destination home address of a mobile correspondent node which 
is to be the destination of the internet packets, and 

to allowing egress of the internet packets if the gateway support node recognizes the 
destination home address as a legitimate home address. 

14. (currently amended) A gateway support node as claimed in Claim 13, the gateway support 
node being operable to allowing egress of the internet packets if either the address in the 
destination address field of the packet or the address provided in the hop-by-hop extension 
header for the gateway support node is a legitimate destination address. 

1 5 . (currently amended) A gateway support node as claimed in Claim 1 1 , wherein the 
gateway support node is operable as comprises a Gateway GPRS Support Node (GGSN), 
according to the General Packet Radio System standard. 
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1 6 . (currently amended) A packet radio network operable to communicate for communicating 

internet packets between an external packet data network and nodes associated with the packet 
radio network, the packet radio network providing a plurality of packet data bearers for 
communicating the internet packets to and/or from the nodes attached to the packet radio 
network, the packet radio network including a gateway support node as claimed in Claim 1 1 . 

17. (currently amended) A packet radio network as claimed in Claim 16, wherein the packet 
radio network is operable in accordance complies with the General Packet Radio System (GPRS) 
standard, the gateway support node being comprising a Gateway GPRS Support Node (GGSN). 

18. (currently amended) A method of operating a gateway support node to interface between 
an external packet data communications network and a packet radio network, the packet radio 
network providing a plurality of packet data bearers for communicating the internet packets with 
nodes attached to the packet radio network, each of the packet data bearers being defined with 
respect to a source home address of the nodes communicating the internet packets, the method 
comprising 

receiving an internet packet comprising a header field, the header field including a field 
identifying a source address of the internet packet, a field identifying the a destination address of 
the internet packet and a next header field identifying whether an extension header follows the 
header and a type of the extension header, the header field identifying that the extension header 
includes a hop-by-hop extension header, the hop-by-hop extension header including a router alert 
option header indicating that the hop-by-hop extension header is optional for a router to read, and 
a value field indicating that the remainder of the hop-by-hop header is provided for the gateway 
support node of the packet radio network, the remainder of the hop-by-hop extension header 
including a field providing a home address of a mobile node, 

detecting that the next header field of the internet packet identifying that an extension 
header includes a die hop-by-hop extension header, 

detecting the router alert option header and the value field in the hop-by-hop extension 
header indicating that the remainder of the hop-by-hop header is provided for the gateway 
support node, and upon detecting the value field indicating that the remainder of the hop-by-hop 
extension header field is for the gateway support node, 
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recovering from a field provided in the remainder of the hop-by-hop extension header 
information for use in controlling egress and/or ingress of internet packets to the packet radio 
network in accordance with the information, 

wherein, the controlling the ingress of internet packets from the external communications 
network to the packet data bearers of the packet radio network in accordance with the 
information, includes 

detecting from the information field provided in the remainder of the hop-by-hop 
extension header field a source home address of a mobile correspondent node communicating the 
internet packets, using the home address to identify the packet data bearer for communicating the 
internet packets to a correspondent node attached to the packet radio network, and 

allowing ingress of the internet packets to the identified packet data bearer, and otherwise 
dropping the internet packet. 

19. (previously presented) A method as claimed in Claim 18, the method comprising 

performing egress packet filtering in accordance with a destination address of internet 
packets received from the plurality of packet data bearers, egress of internet packets being 
allowed for internet packets having a legitimate destination address, and upon receipt of the 
internet packet, 

detecting from information provided in the remainder of the hop-by-hop extension header 
field for the gateway support node a destination home address of a mobile correspondent node 
which is to be the destination of the internet packets, and 

allowing egress of internet packets if the gateway support node recognises the destination 
home address as a legitimate home address. 

20-23 (canceled) 

24. (currently amended) A computer program having readable memory device comprising 
computer executable instructions , which when loaded on to forming a computer program to be 
executed by a data processor causes the data processor to perform a method according to Claim 
-r& within a computer, the program comprising: 

receiving an internet packet comprising a header field, the header field including a field 
identifying a source address of the internet packet, a field identifying a destination address of the 
internet packet and a next header field identifying whether an extension header follows the 
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header and a type of the extension header, the header field identifying that the extension header 
includes a hop-bv-hop extension header, the hop-by-hop extension header including a router alert 
option header indicating that the hop-bv-hop extension header is optional for a router to read, and 
a value field indicating that the remainder of the hop-by-hop header is provided for the gateway 
support node of the packet radio network, the remainder of the hop-bv-hop extension header 
including a field providing a home address of a mobile node. 

detecting that the next header field of the internet packet identifying that an extension 

header includes the hop-by-hop extension header. 

detecting the router alert option header and the value field in the hop-by-hop extension 

header indicating that the remainder of the hop-by-hop header is provided for the gateway 
support node, and upon detecting the value field indicating that the remainder of the hop-bv-hop 
extension header field is for the gateway support node. 

recovering from a field provided in the remainder of the hop-by-hop extension header 

information for use in controlling egress and/or ingress of internet packets to the packet radio 
network in accordance with the information. 

wherein, the controlling the ingress of internet packets from the external communications 

network to the packet data bearers of the packet radio network in accordance with the 
information, includes 

detecting from the information field provided in the remainder of the hop-bv-hop 

extension header field a source home address of a mobile correspondent node communicating the 
internet packets, using the home address to identify the packet data bearer for communicating the 
internet packets to a correspondent node attached to the packet radio network, and 

allowing ingress of the internet packets to the identified packet data bearer, and otherwise 

dropping the internet packet . 

25. (canceled) 

26. (currently amended) A gateway support node as claimed in Claim 12, the gateway support 
node being operable 

to performing egress packet filtering in accordance with a destination address of the 
internet packets received from the plurality of packet data bearers, egress of the internet packets 
being allowed for internet packets having a legitimate destination address, and upon receipt of 
the internet packet, 
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to detecting from the information data provided in the hop-by-hop extension header field 
for the gateway support node a destination home address of a mobile correspondent node which 
is to be the destination of the internet packets, and 

to allowing egress of the internet packets if the gateway support node recognizes the 
destination home address as a legitimate home address. 

27. (currently amended) A gateway support node as claimed in Claim 26, the gateway support 
node being operable to allowing egress of the internet packets if either the address in the 
destination address field of the packet or the address provided in the hop-by-hop extension 
header for the gateway support node is a legitimate destination address. 

28 . (currently amended) A computer program having readable memory device comprising 
computer executable instructions , which when loaded on to forming a computer program to be 
executed by a data processor causes the data processor to perform a method according to Claim 
+9 within a computer, the program comprising: 

receiving an internet packet comprising a header field, the header Held including a Held 
identifying a source address of the internet packet, a field identifying a destination address of the 
internet packet and a next header field identifying whether an extension header follows the 
header and a type of the extension header, the header field identifying that the extension header 
includes a hop-by-hop extension header, the hop-bv-hop extension header including a router alert 
option header indicating that the hop-by-hop extension header is optional for a router to read, and 
a value field indicating that the remainder of the hop-by-hop header is provided for the gateway 
support node of the packet radio network, the remainder of the hop-bv-hop extension header 
including a field providing a home address of a mobile node, 

detecting that the next header field of the internet packet identifying that an extension 

header includes the hop-by-hop extension header, 

detecting the router alert option header and the value field in the hop-bv-hop extension 

header indicating that the remainder of the hop-bv-hop header is provided for the gateway 
support node, and upon detecting the value field indicating that the remainder of the hop-bv-hop 
extension header field is for the gateway support node. 

recovering from a field provided in the remainder of the hop-bv-hop extension header 

information for use in controlling egress and/or ingress of internet packets to the packet radio 
network in accordance with the information. 
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wherein, the controlling the ingress of internet packets from the external communications 

network to the packet data bearers of the packet radio network in accordance with the 
information, includes 

detecting from the information field provided in the remainder of the hop-bv-hop 

extension header field a source home address of a mobile correspondent node communicating the 
internet packets, using the home address to identify the packet data bearer for communicating the 
internet packets to a correspondent node attached to the packet radio network, and 

allowing ingress of the internet packets to the identified packet data bearer, and otherwise 

dropping the internet packet. 

performing egress packet filtering in accordance with a destination address of internet 

packets received from the plurality of packet data bearers, egress of internet packets being 
allowed for internet packets having a legitimate destination address, and upon receipt of the 
internet packet. 

detecting from information provided in the remainder of the hop-by-hop extension header 

field for the gateway support node a destination home address of a mobile correspondent node 
which is to be the destination of the internet packets, and 

allowing egress of internet packets if the gateway support node recognises the destination 

home address as a legitimate home address . 

29. (canceled) 
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